1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Updating Password by User ID

Discussion in 'XenForo Development Discussions' started by IPSE, Aug 18, 2014.

  1. IPSE

    IPSE Member

    Hi,

    We've just purchased Xenforo to replace vBulletin - it's really quick so far so we're very pleased.

    I was wondering how to update a user's password through PHP programmatically. We have the user ID of course, so I'm just wondering if the hashing mechanism has changed since this post here: http://xenforo.com/community/threads/password-formula.32191/?

    I've tried using SHA256 (the PHP environment does have the 'hash' module available to itself), but if I insert the new serialized data and then try to authenticate that doesn't work.

    Any tips / guidance would be appreciated.

    Thank you.

    -Kevin
     
  2. Chris D

    Chris D XenForo Developer Staff Member

    Why do you need to concern yourself with any caching mechanism at all?

    XenForo includes the ability to change passwords in the Admin CP. Surely some existing code must exist to make it easier...?
     
  3. IPSE

    IPSE Member

    Hi Chris,

    Thank you for your quick reply.

    To put this into some context, we have a Drupal web site which a user logs in with to authenticate. When they do so successfully, we'd like to update their Xenforo password with the same hashed password and log them into the forum software in the background. I have this piece of the puzzle ready, just need guidance about how to update the user's password by ID.

    Thanks,

    -Kevin
     
  4. Chris D

    Chris D XenForo Developer Staff Member

    Do you have access to the unhashed password at this time? Or only the hashed version?
     
  5. IPSE

    IPSE Member

    Hi,

    When a user logs into the main web site we have an unhashed password, albeit over SSL. My plan at this point was if the user successfully authenticates into the main site to then use this password to update the Xenforo password (after it's been hashed etc.) in the background to achieve what appears to be a single sign-on.

    Thanks,

    -Kevin
     
  6. Chris D

    Chris D XenForo Developer Staff Member

    Ok.

    There's a function which may help, it's basically the way a user's password is set based on an unhashed input. So it may not completely solve the problem, but it will certainly give you a view of the process of setting a password.

    If you look at library/XenForo/DataWriter/User.php :: setPassword

    Hope it helps.

    To answer your earlier question, the default authentication method has changed somewhat:

    What I'm trying to do is steer you in the right direction of the existing code within XenForo so you aren't re-inventing the wheel.
     
  7. IPSE

    IPSE Member

    Chris,

    This looks perfect - thank you. And I'd much prefer to use Xenforo's method of handling this type of things; saves me having to review code during updates etc.

    I'll write back later with an update as to how it went.

    Thanks,

    -Kevin
     
    Chris D likes this.

Share This Page